I just configured Single Sign on on my Tomcat4 server, and was just wondering what's the best way to chose, when I have to add a new service to my site, if just adding a security constraint, in my main Context, or configuring and using single signon, for achieving the same result!
It seems to me that using singlesignon has the following advantages: 1) I create a service as a standalone application, that can then be deployed elsewhere; 2) I don't have to restart Tomcat in order to deploy/restart the new service, or making it temporary unavailable, thanks to the manager application; 3) I can continue sharing java classes, by putting them in the "common" dir; 4) In my situation, obviously, a centralized database of users and roles is ok; different context on tomcat, in my environment, should only appear as different "services" or "roles", just similar to defining new security constraints. I have not investigated too much on this topic, so the question is: is there something I don't see that can cause problems using single signon in this way ? Has someone already had such a doubt and how he/she solved it ? Thanks Renato ____________________________________ Renato Romano Sistemi e Telematica S.p.A. Calata Grazie - Vial Al Molo Giano 16127 - GENOVA e-mail: [EMAIL PROTECTED] Tel.: 010 2712603 _____________________________________ -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
